<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html lang="en"><head><title>JSON Web Encryption JSON Serialization (JWE-JS)</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="description" content="JSON Web Encryption JSON Serialization (JWE-JS)">
<meta name="keywords" content="RFC, Request for Comments, I-D, Internet-Draft, JavaScript Object Notation, JSON, JSON Web Token, JWT, JSON Web Signature, JWS, JSON Web Encryption, JWE, JSON Web Key, JWK, JSON Web Algorithms, JWA">
<meta name="generator" content="xml2rfc v1.36 (http://xml.resource.org/)">
<style type='text/css'><!--
body {
font-family: verdana, charcoal, helvetica, arial, sans-serif;
font-size: small; color: #000; background-color: #FFF;
margin: 2em;
}
h1, h2, h3, h4, h5, h6 {
font-family: helvetica, monaco, "MS Sans Serif", arial, sans-serif;
font-weight: bold; font-style: normal;
}
h1 { color: #900; background-color: transparent; text-align: right; }
h3 { color: #333; background-color: transparent; }
td.RFCbug {
font-size: x-small; text-decoration: none;
width: 30px; height: 30px; padding-top: 2px;
text-align: justify; vertical-align: middle;
background-color: #000;
}
td.RFCbug span.RFC {
font-family: monaco, charcoal, geneva, "MS Sans Serif", helvetica, verdana, sans-serif;
font-weight: bold; color: #666;
}
td.RFCbug span.hotText {
font-family: charcoal, monaco, geneva, "MS Sans Serif", helvetica, verdana, sans-serif;
font-weight: normal; text-align: center; color: #FFF;
}
table.TOCbug { width: 30px; height: 15px; }
td.TOCbug {
text-align: center; width: 30px; height: 15px;
color: #FFF; background-color: #900;
}
td.TOCbug a {
font-family: monaco, charcoal, geneva, "MS Sans Serif", helvetica, sans-serif;
font-weight: bold; font-size: x-small; text-decoration: none;
color: #FFF; background-color: transparent;
}
td.header {
font-family: arial, helvetica, sans-serif; font-size: x-small;
vertical-align: top; width: 33%;
color: #FFF; background-color: #666;
}
td.author { font-weight: bold; font-size: x-small; margin-left: 4em; }
td.author-text { font-size: x-small; }
/* info code from SantaKlauss at http://www.madaboutstyle.com/tooltip2.html */
a.info {
/* This is the key. */
position: relative;
z-index: 24;
text-decoration: none;
}
a.info:hover {
z-index: 25;
color: #FFF; background-color: #900;
}
a.info span { display: none; }
a.info:hover span.info {
/* The span will display just on :hover state. */
display: block;
position: absolute;
font-size: smaller;
top: 2em; left: -5em; width: 15em;
padding: 2px; border: 1px solid #333;
color: #900; background-color: #EEE;
text-align: left;
}
a { font-weight: bold; }
a:link { color: #900; background-color: transparent; }
a:visited { color: #633; background-color: transparent; }
a:active { color: #633; background-color: transparent; }
p { margin-left: 2em; margin-right: 2em; }
p.copyright { font-size: x-small; }
p.toc { font-size: small; font-weight: bold; margin-left: 3em; }
table.toc { margin: 0 0 0 3em; padding: 0; border: 0; vertical-align: text-top; }
td.toc { font-size: small; font-weight: bold; vertical-align: text-top; }
ol.text { margin-left: 2em; margin-right: 2em; }
ul.text { margin-left: 2em; margin-right: 2em; }
li { margin-left: 3em; }
/* RFC-2629 <spanx>s and <artwork>s. */
em { font-style: italic; }
strong { font-weight: bold; }
dfn { font-weight: bold; font-style: normal; }
cite { font-weight: normal; font-style: normal; }
tt { color: #036; }
tt, pre, pre dfn, pre em, pre cite, pre span {
font-family: "Courier New", Courier, monospace; font-size: small;
}
pre {
text-align: left; padding: 4px;
color: #000; background-color: #CCC;
}
pre dfn { color: #900; }
pre em { color: #66F; background-color: #FFC; font-weight: normal; }
pre .key { color: #33C; font-weight: bold; }
pre .id { color: #900; }
pre .str { color: #000; background-color: #CFF; }
pre .val { color: #066; }
pre .rep { color: #909; }
pre .oth { color: #000; background-color: #FCF; }
pre .err { background-color: #FCC; }
/* RFC-2629 <texttable>s. */
table.all, table.full, table.headers, table.none {
font-size: small; text-align: center; border-width: 2px;
vertical-align: top; border-collapse: collapse;
}
table.all, table.full { border-style: solid; border-color: black; }
table.headers, table.none { border-style: none; }
th {
font-weight: bold; border-color: black;
border-width: 2px 2px 3px 2px;
}
table.all th, table.full th { border-style: solid; }
table.headers th { border-style: none none solid none; }
table.none th { border-style: none; }
table.all td {
border-style: solid; border-color: #333;
border-width: 1px 2px;
}
table.full td, table.headers td, table.none td { border-style: none; }
hr { height: 1px; }
hr.insert {
width: 80%; border-style: none; border-width: 0;
color: #CCC; background-color: #CCC;
}
--></style>
</head>
<body>
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<table summary="layout" width="66%" border="0" cellpadding="0" cellspacing="0"><tr><td><table summary="layout" width="100%" border="0" cellpadding="2" cellspacing="1">
<tr><td class="header">JOSE Working Group</td><td class="header">M. Jones</td></tr>
<tr><td class="header">Internet-Draft</td><td class="header">Microsoft</td></tr>
<tr><td class="header">Intended status: Standards Track</td><td class="header">October 14, 2012</td></tr>
<tr><td class="header">Expires: April 17, 2013</td><td class="header"> </td></tr>
</table></td></tr></table>
<h1><br />JSON Web Encryption JSON Serialization (JWE-JS)<br />draft-jones-jose-jwe-json-serialization-02</h1>
<h3>Abstract</h3>
<p>
The JSON Web Encryption JSON Serialization (JWE-JS) is a means
of representing encrypted content using
JavaScript Object Notation (JSON) data structures.
This specification describes a means of representing
secured content as a JSON data object
(as opposed to the JWE specification, which uses a
compact serialization with a URL-safe representation).
It enables the same content to be encrypted to multiple
parties (unlike JWE).
Cryptographic algorithms and identifiers used with this
specification are described in the separate
JSON Web Algorithms (JWA) specification.
The JSON Serialization for related digital signature and MAC
functionality is described in the separate
JSON Web Signature JSON Serialization (JWS-JS) specification.
</p>
<h3>Status of this Memo</h3>
<p>
This Internet-Draft is submitted in full
conformance with the provisions of BCP 78 and BCP 79.</p>
<p>
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current
Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.</p>
<p>
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any time.
It is inappropriate to use Internet-Drafts as reference material or to cite
them other than as “work in progress.”</p>
<p>
This Internet-Draft will expire on April 17, 2013.</p>
<h3>Copyright Notice</h3>
<p>
Copyright (c) 2012 IETF Trust and the persons identified as the
document authors. All rights reserved.</p>
<p>
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.</p>
<a name="toc"></a><br /><hr />
<h3>Table of Contents</h3>
<p class="toc">
<a href="#anchor1">1.</a>
Introduction<br />
<a href="#anchor2">1.1.</a>
Notational Conventions<br />
<a href="#anchor3">2.</a>
Terminology<br />
<a href="#anchor4">3.</a>
JSON Serialization<br />
<a href="#JSONSerializationExample">4.</a>
Example JWE-JS<br />
<a href="#IANA">5.</a>
IANA Considerations<br />
<a href="#Security">6.</a>
Security Considerations<br />
<a href="#rfc.references1">7.</a>
References<br />
<a href="#rfc.references1">7.1.</a>
Normative References<br />
<a href="#rfc.references2">7.2.</a>
Informative References<br />
<a href="#Acknowledgements">Appendix A.</a>
Acknowledgements<br />
<a href="#TBD">Appendix B.</a>
Open Issues<br />
<a href="#anchor7">Appendix C.</a>
Document History<br />
<a href="#rfc.authors">§</a>
Author's Address<br />
</p>
<br clear="all" />
<a name="anchor1"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<a name="rfc.section.1"></a><h3>1.
Introduction</h3>
<p>
The JSON Web Encryption JSON Serialization (JWE-JS) is a format for
representing encrypted content as a
JavaScript Object Notation (JSON) <a class='info' href='#RFC4627'>[RFC4627]<span> (</span><span class='info'>Crockford, D., “The application/json Media Type for JavaScript Object Notation (JSON),” July 2006.</span><span>)</span></a> object.
It enables the same content to be encrypted to multiple parties
(unlike JWE <a class='info' href='#JWE'>[JWE]<span> (</span><span class='info'>Jones, M., Rescorla, E., and J. Hildebrand, “JSON Web Encryption (JWE),” October 2012.</span><span>)</span></a>.)
The encryption mechanisms are independent of the type of
content being encrypted.
Cryptographic algorithms and identifiers used with this
specification are described in the separate
JSON Web Algorithms (JWA) <a class='info' href='#JWA'>[JWA]<span> (</span><span class='info'>Jones, M., “JSON Web Algorithms (JWA),” October 2012.</span><span>)</span></a> specification.
The JSON Serialization for related digital signature and MAC
functionality is described in the separate
JSON Web Signature JSON Serialization (JWS-JS) <a class='info' href='#JWS-JS'>[JWS‑JS]<span> (</span><span class='info'>Jones, M., Bradley, J., and N. Sakimura, “JSON Web Signature JSON Serialization (JWS-JS),” October 2012.</span><span>)</span></a>
specification.
</p>
<a name="anchor2"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<a name="rfc.section.1.1"></a><h3>1.1.
Notational Conventions</h3>
<p>
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL",
"SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY",
and "OPTIONAL" in this document are to be interpreted as
described in
Key words for use in RFCs to Indicate Requirement Levels <a class='info' href='#RFC2119'>[RFC2119]<span> (</span><span class='info'>Bradner, S., “Key words for use in RFCs to Indicate Requirement Levels,” March 1997.</span><span>)</span></a>.
</p>
<a name="anchor3"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<a name="rfc.section.2"></a><h3>2.
Terminology</h3>
<p>
This specification uses the same terminology as the
JSON Web Encryption (JWE) <a class='info' href='#JWE'>[JWE]<span> (</span><span class='info'>Jones, M., Rescorla, E., and J. Hildebrand, “JSON Web Encryption (JWE),” October 2012.</span><span>)</span></a>
specification.
</p>
<a name="anchor4"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<a name="rfc.section.3"></a><h3>3.
JSON Serialization</h3>
<p>
The JSON Serialization represents encrypted content as a JSON object with
a <tt>recipients</tt> member
containing an array of per-recipient information,
an <tt>initialization_vector</tt> member
containing a shared Encoded JWE Initialization Vector value,
and a <tt>ciphertext</tt> member
containing a shared Encoded JWE Ciphertext value.
Each member of the <tt>recipients</tt> array is a JSON object with
a <tt>header</tt> member
containing an Encoded JWE Header value,
an <tt>encrypted_key</tt> member
containing an Encoded JWE Encrypted Key value,
and an <tt>integrity_value</tt> member
containing an Encoded JWE Integrity Value value.
</p>
<p>
Unlike the compact serialization used by JWEs, content using
the JSON Serialization MAY be encrypted to more than one
recipient. Each recipient requires:
</p>
<ul class="text">
<li>
a JWE Header value specifying the cryptographic parameters
used to encrypt the JWE Encrypted Key to that recipient
and the parameters used to encrypt the plaintext to
produce the JWE Ciphertext;
this is represented as an Encoded JWE Header value
in the <tt>header</tt> member
of an object in the <tt>recipients</tt> array.
</li>
<li>
a JWE Encrypted Key value used to encrypt the ciphertext;
this is represented as an Encoded JWE Encrypted Key value
in the <tt>encrypted_key</tt> member
of an object in the <tt>recipients</tt> array.
</li>
<li>
a JWE Integrity Value that ensures the integrity of
the Ciphertext and the parameters used to create it;
this is represented as an Encoded JWE Integrity Value value
in the <tt>integrity_values</tt> member
of an object in the <tt>recipients</tt> array.
</li>
</ul><p>
Therefore, the syntax is:
</p><div style='display: table; width: 0; margin-left: 3em; margin-right: auto'><pre>
{"recipients":[
{"header":"<header 1 contents>",
"encrypted_key":"<encrypted key 1 contents>",
"integrity_value":"<integrity value 1 contents>"},
...
{"header":"<header N contents>",
"encrypted_key":"<encrypted key N contents>",
"integrity_value":"<integrity value N contents>"}],
"initialization_vector":"<initialization vector contents>",
"ciphertext":"<ciphertext contents>"
}
</pre></div>
<p>
The contents of the
Encoded JWE Header,
Encoded JWE Encrypted Key,
Encoded JWE Initialization Vector,
Encoded JWE Ciphertext, and
Encoded JWE Integrity Value
values are exactly as
specified in JSON Web Encryption (JWE) <a class='info' href='#JWE'>[JWE]<span> (</span><span class='info'>Jones, M., Rescorla, E., and J. Hildebrand, “JSON Web Encryption (JWE),” October 2012.</span><span>)</span></a>.
They are interpreted and validated in the same manner, with
each corresponding <tt>headers</tt>,
<tt>encrypted_keys</tt>, and <tt>integrity_values</tt> value being created
or validated together. The arrays MUST have the same number
of elements.
</p>
<p>
The i'th JWE Encrypted Key value and the
i'th JWE Integrity Value are computed using the
parameters of i'th JWE Header value in the same manner
described in the JWE specification. This has the desirable
result that each Encoded JWE Encrypted Key value in the <tt>encrypted_keys</tt> array and
each Encoded JWE Integrity Value in the <tt>integrity_values</tt> array
are identical to the
values that would have been computed for the same header and
payload in a JWE, as is the JWE Ciphertext value.
</p>
<p>
All recipients use the same JWE Ciphertext value, resulting in
potentially significant space savings if the message is large.
Therefore, all header parameters that specify the treatment of
the JWE Ciphertext value MUST be the same for all recipients.
In particular, this means that the <tt>enc</tt> (encryption method) header parameter
value in the JWE Header for each recipient MUST be the same,
as MUST be the <tt>iv</tt> (initialization vector) value,
the <tt>int</tt> (integrity algorithm) value,
and the <tt>kdf</tt> (key derivation function) value,
when present.
</p>
<a name="JSONSerializationExample"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<a name="rfc.section.4"></a><h3>4.
Example JWE-JS</h3>
<p>
This section contains an example using the JWE JSON
Serialization. This example demonstrates the capability for
encrypting the same plaintext to multiple recipients.
</p>
<p>
Two recipients are present in this example: the first using the
RSAES-PKCS1-V1_5 algorithm to encrypt the Content Master Key (CMK)
and the second using RSAES OAEP to encrypt the CMK.
The Plaintext is encrypted using the AES CBC algorithm
and the same block encryption parameters to produce
the common JWE Ciphertext value.
The two Decoded JWE Header Segments used are:
</p><div style='display: table; width: 0; margin-left: 3em; margin-right: auto'><pre>
{"alg":"RSA1_5","enc":"A128CBC+HS256"}
</pre></div>
<p>
and:
</p><div style='display: table; width: 0; margin-left: 3em; margin-right: auto'><pre>
{"alg":"RSA-OAEP","enc":"A128CBC+HS256"}
</pre></div>
<p>
The keys used for the first recipient are the same as those in
Appendix A.2 of <a class='info' href='#JWE'>[JWE]<span> (</span><span class='info'>Jones, M., Rescorla, E., and J. Hildebrand, “JSON Web Encryption (JWE),” October 2012.</span><span>)</span></a>, as is the plaintext used.
The asymmetric encryption key used for the second recipient
is the same as that used in Appendix A.1 of <a class='info' href='#JWE'>[JWE]<span> (</span><span class='info'>Jones, M., Rescorla, E., and J. Hildebrand, “JSON Web Encryption (JWE),” October 2012.</span><span>)</span></a>;
the block encryption keys and parameters for the second recipient
are the same as those for the first recipient
(which must be the case, since the initialization vector
and ciphertext are shared).
</p>
<p>
The complete JSON Web Encryption JSON Serialization (JWE-JS)
for these values is as follows
(with line breaks for display purposes only):
</p><div style='display: table; width: 0; margin-left: 3em; margin-right: auto'><pre>
{"recipients":[
{"header":
"eyJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDK0hTMjU2In0",
"encrypted_key":
"O6AqXqgVlJJ4c4lp5sXZd7bpGHAw6ARkHUeXQxD1cAW4-X1x0qtj_AN0mukqE
Ol4Y6UOwJXIJY9-G1ELK-RQWrKH_StR-AM9H7GpKmSEji8QYOcMOjr-u9H1Lt
_pBEieG802SxWz0rbFTXRcj4BWLxcpCtjUZ31AP-sc-L_eCZ5UNl0aSRNqFsk
uPkzRsFZRDJqSSJeVOyJ7pZCQ83fli19Vgi_3R7XMUqluQuuc7ZHOWixi47jX
lBTlWRZ5iFxaS8G6J8wUrd4BKggAw3qX5XoIfXQVlQZE0Vmkq_zQSIo5LnFKy
owooRcdsEuNh9B9Mkyt0ZQElG-jGdtHWjZSOA",
"integrity_value":
"RBGhYzE8_cZLHjJqqHuLhzbgWgL_wV3LDSUrcbkOiIA"},
{"header":
"eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkExMjhDQkMrSFMyNTYifQ",
"encrypted_key":
"myoFYZHErXG4gMVWl9UrFOCFIwvOUudYrxTsRsOt6maTc3W8G1FqGVOIBSZve
BdZz2LqS42xta5OXEwLYaocObUxtfH9H8vMsjO-mBo7U9mp_PkS9PqVJMkeEe
PLhzNLH0ecq7nYT6AFr5sSt4WMOPjSwHVQWtx43fZt4HvYaE_vgeSrxdi8KAb
xbLzK_-qcYT6H7cwOMZrT6SFcXgLXESuKpF0azSGQtUmo0MLICP0YPBecGLTo
PiveOH2awKZx0FkzPwi4JmOIvnAJ_wVQQJDVELwO9SIoF8olCQRHGyZ9rzDrr
GRkoYgm2jVz-x0BuFVQFa4ZNufudtiT8pQxKg",
"integrity_value":
"i45dXWFjRKk805VtjIw_8iqGq1r9qPV7ULDLbnNAC_Q"}],
"initialization_vector":
"AxY8DCtDaGlsbGljb3RoZQ",
"ciphertext":
"1eBWFgcrz40wC88cgv8rPgu3EfmC1p4zT0kIxxfSF2zDJcQ-iEHk1jQM95xAdr5
Z"
}
</pre></div>
<a name="IANA"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<a name="rfc.section.5"></a><h3>5.
IANA Considerations</h3>
<p>
This specification makes no requests of IANA.
</p>
<a name="Security"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<a name="rfc.section.6"></a><h3>6.
Security Considerations</h3>
<p>
The security considerations for this specification are the
same as those for the JSON Web Encryption (JWE) <a class='info' href='#JWE'>[JWE]<span> (</span><span class='info'>Jones, M., Rescorla, E., and J. Hildebrand, “JSON Web Encryption (JWE),” October 2012.</span><span>)</span></a> specification.
</p>
<a name="rfc.references"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<a name="rfc.section.7"></a><h3>7.
References</h3>
<a name="rfc.references1"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<h3>7.1. Normative References</h3>
<table width="99%" border="0">
<tr><td class="author-text" valign="top"><a name="JWA">[JWA]</a></td>
<td class="author-text"><a href="mailto:mbj@microsoft.com">Jones, M.</a>, “<a href="http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms">JSON Web Algorithms (JWA)</a>,” October 2012.</td></tr>
<tr><td class="author-text" valign="top"><a name="JWE">[JWE]</a></td>
<td class="author-text"><a href="mailto:mbj@microsoft.com">Jones, M.</a>, <a href="mailto:ekr@rtfm.com">Rescorla, E.</a>, and <a href="mailto:jhildebr@cisco.com">J. Hildebrand</a>, “<a href="http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption">JSON Web Encryption (JWE)</a>,” October 2012.</td></tr>
<tr><td class="author-text" valign="top"><a name="RFC2119">[RFC2119]</a></td>
<td class="author-text"><a href="mailto:sob@harvard.edu">Bradner, S.</a>, “<a href="http://tools.ietf.org/html/rfc2119">Key words for use in RFCs to Indicate Requirement Levels</a>,” BCP 14, RFC 2119, March 1997 (<a href="http://www.rfc-editor.org/rfc/rfc2119.txt">TXT</a>, <a href="http://xml.resource.org/public/rfc/html/rfc2119.html">HTML</a>, <a href="http://xml.resource.org/public/rfc/xml/rfc2119.xml">XML</a>).</td></tr>
<tr><td class="author-text" valign="top"><a name="RFC4627">[RFC4627]</a></td>
<td class="author-text">Crockford, D., “<a href="http://tools.ietf.org/html/rfc4627">The application/json Media Type for JavaScript Object Notation (JSON)</a>,” RFC 4627, July 2006 (<a href="http://www.rfc-editor.org/rfc/rfc4627.txt">TXT</a>).</td></tr>
</table>
<a name="rfc.references2"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<h3>7.2. Informative References</h3>
<table width="99%" border="0">
<tr><td class="author-text" valign="top"><a name="I-D.rescorla-jsms">[I-D.rescorla-jsms]</a></td>
<td class="author-text">Rescorla, E. and J. Hildebrand, “<a href="http://tools.ietf.org/html/draft-rescorla-jsms-00">JavaScript Message Security Format</a>,” draft-rescorla-jsms-00 (work in progress), March 2011 (<a href="http://www.ietf.org/internet-drafts/draft-rescorla-jsms-00.txt">TXT</a>).</td></tr>
<tr><td class="author-text" valign="top"><a name="JSE">[JSE]</a></td>
<td class="author-text">Bradley, J. and N. Sakimura (editor), “<a href="http://jsonenc.info/enc/1.0/">JSON Simple Encryption</a>,” September 2010.</td></tr>
<tr><td class="author-text" valign="top"><a name="JWS-JS">[JWS-JS]</a></td>
<td class="author-text"><a href="mailto:mbj@microsoft.com">Jones, M.</a>, <a href="mailto:ve7jtb@ve7jtb.com">Bradley, J.</a>, and <a href="mailto:n-sakimura@nri.co.jp">N. Sakimura</a>, “<a href="http://tools.ietf.org/html/draft-jones-jose-jws-json-serialization">JSON Web Signature JSON Serialization (JWS-JS)</a>,” October 2012.</td></tr>
</table>
<a name="Acknowledgements"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<a name="rfc.section.A"></a><h3>Appendix A.
Acknowledgements</h3>
<p>
JSON serializations for encrypted content were previously explored by
<a class='info' href='#JSE'>JSON Simple Encryption<span> (</span><span class='info'>Bradley, J. and N. Sakimura (editor), “JSON Simple Encryption,” September 2010.</span><span>)</span></a> [JSE] and
<a class='info' href='#I-D.rescorla-jsms'>JavaScript Message Security
Format<span> (</span><span class='info'>Rescorla, E. and J. Hildebrand, “JavaScript Message Security Format,” March 2011.</span><span>)</span></a> [I‑D.rescorla‑jsms].
</p>
<a name="TBD"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<a name="rfc.section.B"></a><h3>Appendix B.
Open Issues</h3>
<p>
[[ to be removed by the RFC editor before publication as an RFC ]]
</p>
<p>
The following items remain to be considered or done in this draft:
</p>
<ul class="text">
<li>
Track changes that occur in the JWE spec.
</li>
</ul><p>
</p>
<a name="anchor7"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<a name="rfc.section.C"></a><h3>Appendix C.
Document History</h3>
<p>
[[ to be removed by the RFC editor before publication as an RFC ]]
</p>
<p>
-02
</p>
<ul class="text">
<li>
Changed to use an array of structures for per-recepient values,
rather than a set of parallel arrays.
</li>
<li>
Promoted Initialization Vector from being a header parameter to being
a top-level JWE element.
This saves approximately 16 bytes in the compact serialization,
which is a significant savings for some use cases.
Promoting the Initialization Vector out of the header also avoids repeating
this shared value in the JSON serialization.
</li>
</ul><p>
</p>
<p>
-01
</p>
<ul class="text">
<li>
Added a complete JWE-JS example.
</li>
<li>
Generalized language to refer to Message Authentication Codes (MACs)
rather than Hash-based Message Authentication Codes (HMACs).
</li>
</ul><p>
</p>
<p>
-00
</p>
<ul class="text">
<li>
Renamed draft-jones-json-web-encryption-json-serialization
to draft-jones-jose-jwe-json-serialization to have "jose"
be in the document name so it can be included in the
Related Documents list at http://datatracker.ietf.org/wg/jose/.
No normative changes.
</li>
</ul><p>
</p>
<p>
draft-jones-json-web-encryption-json-serialization-02
</p>
<ul class="text">
<li>
Updated examples to track updated algorithm properties in the JWA spec.
</li>
<li>
Tracked editorial changes made to the JWE spec.
</li>
</ul><p>
</p>
<p>
draft-jones-json-web-encryption-json-serialization-01
</p>
<ul class="text">
<li>
Tracked changes between JOSE JWE draft -00 and -01, which
added an integrity check for non-AEAD algorithms.
</li>
</ul><p>
</p>
<p>
draft-jones-json-web-encryption-json-serialization-00
</p>
<ul class="text">
<li>
Created the initial version incorporating JOSE working
group input and drawing from the JSON Serialization
previously proposed in draft-jones-json-web-token-01.
</li>
</ul><p>
</p>
<a name="rfc.authors"></a><br /><hr />
<table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table>
<h3>Author's Address</h3>
<table width="99%" border="0" cellpadding="0" cellspacing="0">
<tr><td class="author-text"> </td>
<td class="author-text">Michael B. Jones</td></tr>
<tr><td class="author-text"> </td>
<td class="author-text">Microsoft</td></tr>
<tr><td class="author" align="right">Email: </td>
<td class="author-text"><a href="mailto:mbj@microsoft.com">mbj@microsoft.com</a></td></tr>
<tr><td class="author" align="right">URI: </td>
<td class="author-text"><a href="http://self-issued.info/">http://self-issued.info/</a></td></tr>
</table>
</body></html>